I found this article today and was wondering, how does Discord not know about this rampant issue?
Yes, The article is a bit outdated however based on our research. The issue is still persistent on Discord’s CDN.
A recent investigation conducted by RiskIQ revealed that threat actors abused the Discord channel to deliver a total of 27 unique malware families. This included backdoors, password stealers, spyware, and trojans.
What do other people think about Discord just not even
scanning files for malware before allowing them to be uploaded to their CDN?
Anyways, As always.
Your thoughts in this topic are welcome in the comment section of this thread.
If you use Discord, there’s settings that allow you to scan files.
Scan every file
Scan every file expect from people on your friends list
Don’t scan anything
If Discord detects malicious files, it’ll warn the user about potential malware, however the user still can download the file or go back.
But this applies to messages only, since if you go to a CDN Discord link the user doesn’t get warned.
But the thing is, IQ.
Scammers need to make humans believe that it is not an scam.
So if you’re smart, probabilities you won’t get scammed.
Dont fall for “bitcoin” scams or any “free robux” scams.
I also saw someone asking if the website was malicious and the scammer said “Yes”
That’s the main problem.
Discord only warns the user inside the Discord app.
However, We have observed many websites that basically store malicious stuff on Discord’s content deliver network.
malicioussite.com and clicks the download button.
Website downloads file from Discord CDN and does not show any warning since warnings are only displayed in the Discord App.
User gets infected if neither Google SafeBrowsing or Microsoft Smart Screen detects the malware.
Our team has been detecting these issues for some time now, and
we acknowledge that Discord has made quite a lot of improvements in the safety of their application by adding the “Malicious File Warning”
However, The issue is still a pretty bad issue in the end. We are still continueing to report issues to Discord (Webhooks, and malicious CDN links)
They are pretty speedy when taking action against the malicious content in their CDN.
This is something that is a pretty funny meme according to r/discordapp
Yeah, I saw that.
There’s another version of it too.